This repository has been archived by the owner on Oct 25, 2023. It is now read-only.

Merge pull request #79 from Skyscanner/ghtokens
Add Github token formats
adeptex authored Aug 25, 2021
2 parents 270da04 + 1588a0f commit 88755fe
Showing 3 changed files with 10 additions and 4 deletions.
8 changes: 7 additions & 1 deletion tests/fixtures/gitkeys.yml
@@ -1,5 +1,11 @@
# https://docs.github.com/en/github/authenticating-to-github/keeping-your-account-and-data-secure/about-authentication-to-github#githubs-token-formats

compliant:
name: GHP_THISISASTRINGTHATHASTHESAMELENASTOKE

noncompliant:
name: ghp_fK8UXjzPM1Lzf356hwgGym4JAfnHARDcoded
personal: ghp_fK8UXjzPM1Lzf356hwgGym4JAfnHARDcoded
oauth: gho_fK8UXjzPM1Lzf356hwgGym4JAfnHARDcoded
user: ghu_fK8UXjzPM1Lzf356hwgGym4JAfnHARDcoded
server: ghs_fK8UXjzPM1Lzf356hwgGym4JAfnHARDcoded
refresh: ghr_1B4a2e77838347a7E420ce178F2E7c6912E169246c34E1ccbF66C46812d16D5B1A9HARDcoded
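
Review bot: the `compliant:` block still holds only the upper-case `GHP_` case, so nothing in this fixture exercises the length bounds of the newly added token types. Consider adding negative cases such as a `ghr_` value with a 36-character body and a `gho_` value with a 76-character body, so that a rule which mixes up the two lengths fails the test instead of passing silently.
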
2 changes: 1 addition & 1 deletion tests/unit/test_secrets.py
Expand Up @@ -92,7 +92,7 @@ def test_detection_by_key(src, expected):
("java.properties", 3),
("webhooks.yml", 3),
("creditcards.yml", 3),
("gitkeys.yml", 1),
("gitkeys.yml", 5),
],
)
def test_detection_by_value(src, count):
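
Review bot: the `("gitkeys.yml", 5)` parameter pins only a total, so a miss on one of the five `noncompliant` entries combined with a false hit on the `compliant` entry would still pass. If the harness allows it, assert on the matched keys (`personal`, `oauth`, `user`, `server`, `refresh`) rather than on the count alone.
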
4 changes: 2 additions & 2 deletions whispers/rules/gitkeys.yml
@@ -1,7 +1,7 @@
github:
description: Github personal access token
description: Github token
message: Github token
severity: CRITICAL
value:
regex: ^ghp_[a-zA-Z0-9]{36}$
regex: ^(gh[pous]_[a-zA-Z0-9]{36}|ghr_[a-zA-Z0-9]{76})$
ignorecase: False
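
Review bot: the new `regex` keeps the `^...$` anchors, so a token matches only when it is the entire value; the same token embedded in a longer string (a URL carrying credentials, an `Authorization` header value) is not flagged by this rule. If that is intended, say so in `description`; otherwise replace the anchors with word boundaries and add a fixture for the embedded case. The `description` could also name the five prefixes it now covers (`ghp_`, `gho_`, `ghu_`, `ghs_`, `ghr_`) so the rule is self-documenting.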
